VulnScope — package-centric CVE lookup

Search

1,607 results

Severity:CRITICAL HIGH MEDIUM LOW|Ecosystem:npm PyPI Maven Debian Alpine|⚠ In KEV only

MEDIUM6.5CVE-2026-23557EPSS 0.01%Any guest can cause xenstored to crash by issuing a XS_RESET_WATCHES command within a transaction due to an assert() triggering.5/19/2026
MEDIUM5.4LIBPNG is a reference library for use in applications that process PNG (Portable Network Graphics) raster image files.5/16/2026
MEDIUM4.3EPSS 0.03%PostgreSQL pg_restore_attribute_stats accepts values that cause query planning to read past end of stats array5/14/2026
MEDIUM6.5EPSS 0.08%PostgreSQL discloses MD5-hashed passwords via covert timing channel5/14/2026
MEDIUM4.3EPSS 0.03%PostgreSQL timeofday() can disclose portions of server memory5/14/2026
MEDIUM5.4EPSS 0.03%PostgreSQL CREATE TYPE does not check multirange schema CREATE privilege5/14/2026
MEDIUM6.5EPSS 0.07%NGINX ngx_http_scgi_module and ngx_http_uwsgi_module vulnerability5/13/2026
MEDIUM4.8EPSS 0.04%NGINX ngx_http_charset_module vulnerability5/13/2026
MEDIUM5.8EPSS 0.02%NGINX ngx_http_proxy_v2_module vulnerability5/13/2026
MEDIUM4.8EPSS 0.04%NGINX ngx_http_ssl_module vulnerability5/13/2026
MEDIUM6.5EPSS 0.03%NGINX ngx_quic_module vulnerability5/13/2026
MEDIUM5.3EPSS 0.08%Successfully using libcurl to do a transfer over a specific HTTP proxy (`proxyA`) with **Digest** authentication and then changing the prox…5/13/2026
MEDIUM5.3When curl is told to use the Certificate Status Request TLS extension, often referred to as *OCSP stapling*, to verify that the server cert…5/13/2026
MEDIUM5.3EPSS 0.02%When asked to both use a `.netrc` file for credentials and to follow HTTP redirects, libcurl could leak the password used for the first hos…5/13/2026
MEDIUM5.9EPSS 0.03%curl might erroneously pass on credentials for a first proxy to a second proxy.5/13/2026
MEDIUM6.5EPSS 0.04%libcurl might in some circumstances reuse the wrong connection when asked to do an authenticated HTTP(S) request after a Negotiate-authenti…5/13/2026
MEDIUM5.9EPSS 0.01%A vulnerability exists where a connection requiring TLS incorrectly reuses an existing unencrypted connection from the same connection pool.5/13/2026
MEDIUM5.3EPSS 0.03%An information disclosure vulnerability in dnsmasq allows remote attackers to bypass source checks via a crafted DNS packet with RFC 7871 c…5/11/2026
MEDIUM5.3EPSS 0.07%A heap-based out-of-bounds read vulnerability in the DNSSEC validation of dnsmasq allows remote attackers to cause a denial of service via…5/11/2026
MEDIUM6.5EPSS 0.06%Net::CIDR::Lite versions before 0.24 for Perl does not properly consider extraneous zero characters in CIDR mask values, which may allow IP…5/10/2026
MEDIUM6.5EPSS 0.06%Net::CIDR::Lite versions before 0.24 for Perl does not properly validate IP address and CIDR mask inputs, which may allow IP ACL bypass.5/10/2026
MEDIUM5.5EPSS 0.00%Vim is an open source, command line text editor.5/8/2026
MEDIUM5.3EPSS 0.07%Vim is an open source, command line text editor.5/8/2026
MEDIUM4.4EPSS 0.23%Vim is an open source, command line text editor.5/8/2026
MEDIUM6.5EPSS 0.26%Apache HTTP Server: multiple modules: HTTP response splitting forwarding malicious status line5/4/2026

← PrevPage 2 of 65Next →